Help
Not a customer? Start a free trial

Not a customer? Click the 'Start a free trial' link to begin a 30-day SaaS trial of our product and to join our community.

Existing Cisco AppDynamics customers should click the 'Sign In' button to authenticate to access the community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to encrypt machine agent and database agent credentials?

Anonymous
Not applicable

‎03-27-2018 06:29 AM

Hello,

 

I am looking for an option to encrypt database agent and machine agent credentials in .xml. I tried doing it on .net agent and figured out that the encryption has to be done at installation time. Is there a way where we can encrypt account name & pwd? If yes, the do we need to install JRE on the servers for this encryption functionality?

 

Why I am asking this is, I installed machine agent with JRE bundle (which didnt asked me to install the JRE on the server) and now if encryption is possible then does it ask me to install JRE on the server? is this the same case for DB agent as a windows service?

 

Total environment is windows server 2012

 

Please advise.

 

Thanks

Sandeep

0 Kudos
19 REPLIES 19

Anonymous
Not applicable

‎03-28-2018 08:21 AM

Hi Sandeep,

 

Did you try the steps on the following link:

https://docs.appdynamics.com/display/PRO44/Encrypt+Agent+Credentials

 

https://docs.appdynamics.com/display/PRO44/Encrypt+Credentials+in+.NET+Agent+Configuration

 

The jars that provide the encryption are included in the agent bundle and for running a java agent or machine agent on a server, you need a jre either the one that comes with the agent or on the server but not both at the same time.

 

Thanks!

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎03-28-2018 08:49 AM

Thanks for the reply Gurmitsa,

 

1. Then what about db agent? it doesnot come with JRE bundle.

 

2. My main concern is that I am installing machine agents and db agets without installing JRE on server. I used same "jre" folder which comes in machine agent budle, copy and paste in database agent installation folder (refering to this offline lib. I installed the db agent), this worked. Now if I need to use encryption concept, running these "secure-credential-store-api-1.3.0.0.jar" and "scs-api-1.0.0.jar" without Java installed on the server is possible? I tried with offline jre libraries, it didn't work.

 

Thanks

Sandeep

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎03-28-2018 09:18 AM

What is the error you get?

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎03-28-2018 09:26 AM

this is the command I am trying to run

D:\machineagent-bundle-64bit-windows-4.4.2.742\jre\bin>java -jar D:\machineagent-bundle-64bit-windows-4.4.2.742\lib\secure-credential-store-api-1.3.0.0.jar generate_ks -filename 'D:/Appdynamics/mysecretKeyStore' -storepass 'Welcome1' -plaintext 'Welcome2'

 

and this is the error:
no main manifest attribute, in D:\machineagent-bundle-64bit-windows-4.4.2.742\lib\secure-credential-store-api-1.3.0.0.jar

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎03-28-2018 09:51 AM - edited ‎03-28-2018 09:51 AM

You have the wrong command, (also the slash were incorrect)

You have to first run (i removed -plaintext argument, that is part of encrypt)

D:\machineagent-bundle-64bit-windows-4.4.2.742\jre\bin>java -jar D:\machineagent-bundle-64bit-windows-4.4.2.742\lib\secure-credential-store-api-1.3.0.0.jar generate_ks -filename 'D:\Appdynamics\mysecretKeyStore' -storepass 'Welcome1'

 

Once the above is done, you run the encrupt as below

D:\machineagent-bundle-64bit-windows-4.4.2.742\jre\bin>java -jar D:\machineagent-bundle-64bit-windows-4.4.2.742\lib\secure-credential-store-api-1.3.0.0.jar encrypt -filename 'D:\Appdynamics\mysecretKeyStore' -storepass 'Welcome1' -plaintext 'Welcome2'

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎03-28-2018 10:02 AM

Thanks for correcting the command. I thuought system would throw an error something like "path not recognized"; "path is incorrect" or something if "\" "/" was used wrongly.

 

It's still the same error executing the command

java -jar D:\machineagent-bundle-64bit-windows-4.4.2.742\lib\secure-credential-store-api-1.3.0.0.jar generate_ks -filename 'D:\Appdynamics\mysecretKeyStore' -storepass 'Welcome1

 

attaching the screen shot.

error.PNG
17 KB
0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎08-07-2018 11:39 AM

I am having the same issue where I get the "no main manifest attribute, in ./lib/scs-api-1.0.0.jar" error when trying to setup a keystore.  Did this get resolved?  Could you share the resolution?

 

Thanks,

michael

0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎08-07-2018 11:47 AM

Yes! Are you using <database_agent_home>/lib/scs-api-1.0.0.jar?
0 Kudos

Anonymous
Not applicable
In response to Anonymous

‎08-07-2018 11:49 AM

Hi Michael,

 

Are you sure about having that file in the location? As far as I remember, there was no such file in /lib, I manually copied that file from machine agent java lib. to DB agent java /lib

 

Let me know

 

Thanks

Sandeep

0 Kudos
Now On Demand
Learn how Splunk and AppDynamics are redefining observability

Watch Now!
Observe and Explore
Dive into our Community Blog for the Latest Insights and Updates!

Read the blog here

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form

By clicking subscribe, I have read and understood the Privacy Policy and Terms of Use.
Platform
Solutions
Learn

Company
Support